Method and apparatus for implementing generic access network functionality in a wireless communication device

ABSTRACT

According to one aspect of the teachings presented herein, a “smart” phone or other wireless communication device includes a “modem” processor configured to support cellular communication network signaling and an “applications” processor configured to host call control and/or user applications, such as by providing a desired Operating System (OS) for hosting such applications. In at least one embodiment of a wireless communication device contemplated herein, the modem processor implements a cellular network signaling controller, a Generic Access Network (GAN) manager, and a privately routable, first Internet Protocol (IP) stack. Further, the applications processor implements a publicly routable, second IP stack that implements routing, e.g., a Network Address Translation (NAT) routing, for routing GAN traffic to and from the first IP stack on a local IP link bridging the first and second IP stacks.

RELATED APPLICATIONS

This application claims priority under 35 U.S.C. §119(e) from the U.S.Provisional Patent Application Ser. No. 61/113,052, which was filed on10 Nov. 2008 and entitled “GAN-Bridge.”

TECHNICAL FIELD

The present invention generally relates to wireless communicationsystems and devices, and particularly relates to the implementation ofGeneric Access Network (GAN) functionality in a wireless communicationdevice.

BACKGROUND

Generic access network (GAN) protocols and operations allow a properlyconfigured wireless communication device to maintain voice callcontinuity (VCC) as it moves between cellular coverage and local,unlicensed wireless coverage. With GAN capability, users can place voice(and data) calls using a cellular communication network and have calltraffic shifted to the potentially cheaper and faster service offered bya Wireless LAN (WLAN) or essentially any other network, system, oraccess point that offers an Internet Protocol (IP) bearer. For example,a mobile operator providing cellular communication services via aGSM/GPRS network can extend coverage to WLANs or other IP-based networksby coupling them to the GSM/GPRS core network through an appropriatelyconfigured network controller.

In the context of GSM/GPRS, GAN protocols and operations are specifiedby the Third Generation Partnership Project (3GPP) TechnicalSpecifications 43.318 and 44.318. The addition of GAN technology toexisting GSM/GPRS networks enables users to roam seamlessly between thewide area GSM/GPRS network and local area networks having IPconnectivity to the GSM/GPRS network. WiFi (802.11 b/g/n) radiotransceivers are thus commonly included in GAN-enabled cellularhandsets.

When a local network is detected by such a handset, it establishes asecure IP connection through a gateway to a server called a GANController (GANC) that is owned or otherwise associated with the mobileoperator. The GANC communicatively couples to the GSM/GPRS core networkof the mobile operator and makes the signaling coming from the handsetlook like it is coming from another base station in the GSM/GPRSnetwork. The GANC thus appears to be just another base station from thecore network's perspective, although mobility management obviously isdifferent, as the GANC can provide support for devices in any number ofgeographically separated wireless hotspots.

With the above in mind, GAN technology may be understood as replacingthe radio connection between a cellular terminal and a supportingcellular network with an IP connection provided through a local accessnetwork. Supporting such operation, GAN functionality broadly dividesinto three tightly connected main parts: the (cellular) networksignaling for access, authentication, and call processing; IP connectioncontrol signaling for establishing and carrying out IP-basedcommunications; and, at least for Voice-over-IP (VoIP) calls, audiosystem processing for handling audio data stream coding/decoding andexecuting associated audio algorithms.

SUMMARY

According to one aspect of the teachings presented herein, a “smart”phone or other wireless communication device includes a “modem”processor configured to support cellular communication network signalingand an “applications” processor configured to host call control and/oruser applications, such as by providing a desired Operating System (OS)for hosting such applications. In at least one embodiment of a wirelesscommunication device contemplated herein, the modem processor implementsa cellular network signaling controller, a Generic Access Network (GAN)manager, and a privately routable, first Internet Protocol (IP) stack,which implements IP security (IPsec) in one or more embodiments.Further, the applications processor implements a publicly routable,second IP stack that implements a router for routing GAN traffic to andfrom the first IP stack on a local IP link bridging the first and secondIP stacks. In at least one such embodiment, the second IP stackimplements Network Address Translation (NAT) routing, for routing GANtraffic to and from the first IP stack.

In another embodiment, a method of supporting Generic Access Network(GAN) functionality in a wireless communication device comprisesoperating a privately routable, first IP stack in association with a GANmanager, and operating a publicly routable, second IP stack as a routerfor the first IP stack. Here, the second IP stack routes outgoing GANtraffic from the first IP stack to a public network interface and routesincoming GAN traffic from the public network interface to the first IPstack, where the first and second IP stacks are bridged via a local IPlink.

Among the several advantages provided by the above method and apparatusare decreased GAN implementation complexities as compared toimplementing GAN functionality in the applications processor with aproxy-based interface to network signaling controls in the modemprocessor. GAN implementation complexity is further reduced assubstantially the same GAN implementing software can be used for themodem processor, irrespective of the OS hosted on the applicationsprocessor. As a further advantage, the above implementation providesincreased security as compared to implementation of GAN functionalitywithin the applications processor, because GAN traffic encryption anddecryption occurs within the modem processor, where cellular networksignaling is hosted, and where Internet Key Exchange (IKE) and IPsecprocessing is hosted.

Of course, the present invention is not limited to the above summary offeatures and advantages. Indeed, those skilled in the art will recognizeadditional features and advantages upon reading the following detaileddescription, and upon viewing the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is block diagram of one embodiment of a cellular communicationnetwork in an unlicensed (wireless) access network, and a wirelesscommunication device.

FIGS. 2 and 3 are block diagrams illustrating implementation details foran embodiment of the wireless communication device introduced in FIG. 1.

FIG. 4 is a logic flow diagram illustrating one embodiment of a methodof Generic Access Network (GAN) functionality implemented by thewireless communication device of FIG. 2 or 3, for example.

DETAILED DESCRIPTION

FIG. 1 depicts one embodiment of a wireless communication device 10, ascontemplated herein. The device 10 includes GAN functionality, meaningthat it communicatively couples to a Core Network (CN) 12 of asupporting cellular communications network 14 through a cellular RadioAccess Network (RAN) 16, based on the device's cellular signalingfunctionality, or through a given IP bearer 18, based on the device'sGAN functionality. Such a bearer may be provided, for example, by a WLANaccess point 32. Although the supporting cellular communications network14 may be essentially any type of cellular network (e.g., Wideband CDMA,Long Term Evolution or LTE, etc.), it comprises a GSM/GPRS network byway of non-limiting example.

As such, the illustrated CN 12 includes a Mobile Switching Center (MSC)20, to manage communications between devices 10 and the Public SwitchedTelephone Network (PSTN), which is not shown. The CN 12 further includesa Serving GPRS Support Node (SGSN) 22, which detects new GPRS-capabledevices 10 within its associated service area(s), performs terminalauthentication, authorization and admission control for GPRS services,sends and receives GPRS packet data to and from such devices 10, andmaintains service area location information for such devices 10. The CN12 further includes an AAA/proxy server 24 (AAA forAuthentication/Access/Accounting), which provides authentication andaccess control for devices 10 attempting to gain connectivity with thecellular communication network 14, and provides for service accountingfunctions for subscriber billing, etc. The AAA/proxy server 24 thereforeis associated with a Home Location Register (HLR) 26, which includes adatabase of subscriber information.

With the illustrated arrangement, and with GAN functionality implementedin the device 10, the device 10 communicatively couples to the CN 12either through the cellular RAN 16, which includes one or more cellularbase stations 30, or, when employing GAN access, via the IP bearer 18,such as provided by the illustrated access point 32. Those skilled inthe art will appreciate that the access point 32 is, in one or moreembodiments, an WiFi/WLAN access point, such as based on IEEE 802.11standards. In any case, the access point 32 communicatively couplesthrough a generic IP network 34, to a GAN Controller (GANC) 36, whichincludes a security gateway 38. In turn, the GANC 36 communicativelycouples to the CN 12, and carries packet data for the device 10 into andout of the CN 12 substantially as if it were another cellular basestation 12 in the cellular communication network 14.

The embodiment of the device 10 illustrated in FIG. 2 implementsadvantageous GAN-related functionality, and comprises a modem processor40 implementing a cellular network signaling controller 42, a GenericAccess Network (GAN) manager 44, and a privately routable, firstInternet Protocol (IP) stack 46 implementing IP security (IPsec). In theillustrated embodiment, the modem processor 40 further includes orimplements an audio coder/decoder (codec) 48, a Real-time TransportProtocol (RTP) controller 50, and an Internet Key Exchange (IKE)Protocol controller 52. Further, the modem processor 40 includes or isassociated with a cellular radio transceiver 54, which is configured totransmit cellular communication signals and to receive cellularcommunication signals, e.g., GSM/GPRS and/or WCDMA signals. It should benoted that audio codec 48 (audio system) is not an integral part of theGAN-related control and processing which is advantageously consolidatedwithin the modem processor 40. Therefore, in one or more embodiments,the audio codec 48 is implemented separately from the modem processor40, such as in an associated DSP.

The device 10 further includes an applications processor 60 implementinga publicly routable, second IP stack 62. The second IP stack 62advantageously implements a router 64, for routing GAN traffic to andfrom the first IP stack 46 on a local IP link 66 bridging the first andsecond IP stacks 46 and 62. This configuration supports consolidation ofGAN functionality within the modem processor 40, where, in one or moreembodiments, an IP security (IPsec) layer 68 in the first IP stack 46 isconfigured to encrypt outgoing GAN traffic, and the first IP stack 46 isconfigured to send the outgoing encrypted GAN traffic to the second IPstack 62 over the local IP link 66. The second IP stack 62 provides NATrouting of that outgoing encrypted GAN traffic onto an external IPnetwork 70.

Supporting that communication flow, the applications processor 60includes or is associated with a public network interface 72, and thesecond IP 62 stack is configured to provide NAT routing of the outgoingencrypted GAN traffic into the public network interface 72 (“C”interface), for transport on the external IP network 70. Further, thesecond IP stack 62 is advantageously configured to provide NAT routingof incoming encrypted GAN traffic, as received through the publicnetwork interface 72, into a second local network interface 74 (“B”interface), for delivery to the first IP stack 46 in the modem processor40. The first IP stack 46 in the modem processor 40 includes acomplementary first local network interface 76, for establishing thelocal IP link 66 between, and the IP sec layer 68 of the first IP stack46 is configured to decrypt the incoming encrypted GAN traffic forhigher-layer processing by the RTP controller 50.

Correspondingly, the first IP stack 46 generates outgoing encrypted GANtraffic by encrypting outgoing RTP packets carrying outgoingVoice-over-IP (VoIP) data and generates incoming RTP packets carryingincoming VoIP data by decrypting incoming encrypted GAN traffic.Supporting this functionality, the RTP controller 50 is configured togenerate the outgoing RTP packets from outgoing coded audio data andgenerate incoming coded audio data from the incoming RTP packets. Inturn, the audio codec 48 is configured to generate the outgoing codedaudio data by encoding a local input audio signal (e.g., a microphonesignal), and is configured to generate a local output audio signal bydecoding the incoming coded audio data (e.g., a speaker signal).

Thus, according to the above arrangement, the first local networkinterface circuit 76 is communicatively coupled to the first IP stack46, and the second local network interface 74 is communicatively coupledto the second IP stack 62. This pair of interfaces 74 and 76 isconfigured to support the local IP link 66 between the first and secondIP stacks 46 and 62, for NAT routing of encrypted GAN traffic betweenthe first and second IP stacks 46 and 62. Further, as noted, the publicnetwork interface 72 in the applications processor 60 communicativelycouples the second IP stack 62 to the external IP network 70.

Also, as noted, the second IP stack 62 is configured in one or moreembodiments to perform NAT routing of incoming encrypted GAN trafficreceived through the public network interface 72 to the second localnetwork interface 74, for transfer to the first IP stack 46 via thelocal IP link 66. Further, the second IP stack 62 performs NAT routingof outgoing encrypted GAN traffic received through the second localnetwork interface 74, for transfer to the external IP network 70 via thepublic network interface 72. In another embodiment contemplated herein,encryption of outgoing GAN traffic and decryption of incoming GANtraffic is carried out via the second IP stack 62, rather than in theIPsec layer of the first IP stack 46.

With the above examples, in mind, it will be understood that in one ormore embodiments of the device 10 the applications processor 60 includesor is associated with a public network interface 72 that iscommunicatively coupled to the second IP stack 62, for communicativelycoupling the second IP stack 62 to an external IP network 70. Further,the second IP stack 62 is configured to perform NAT routing of incomingGAN traffic received through the public network interface 72 to a localnetwork interface 74, for transfer to the first IP stack 46 via thelocal IP link 66, and to perform NAT routing of outgoing GAN trafficreceived through the local network interface 74, for transfer to theexternal IP network 70 via the public network interface 72. If GANtraffic encryption/decryption is done in the first IP stack 46 ratherthan in the second IP stack 62, then the GAN traffic passing on thelocal IP link 66 between the first and second IP stacks 46 and 62 isencrypted.

Still further, as shown in the embodiment depicted in FIG. 3, theapplications processor 60 includes or is communicatively associated withan additional local network interface 78 (“A” interface) that iscommunicatively coupled to the cellular network signaling controller 42of the modem processor 40, for carrying non-encrypted (non-GAN) userdata traffic flowing between the modem processor 40 and the applicationsprocessor 60. Particularly, in the illustrated embodiment, theadditional local network interface 78 communicatively couples the secondIP stack 62 to the network signaling controller 42, for non-GAN IPtraffic and control signaling transfer.

In at least one embodiment, the modem processor 40 comprises a firstmicroprocessor-based circuit. By way of non-limiting example, the modemprocessor 40 comprises, e.g., a Central Processing Unit (CPU), which maybe a microprocessor, microcontroller, digital signal processor (DSP), anApplication Specific Integrated Circuit (ASIC) or Field ProgrammableGate Array (FPGA), any of which may include a microprocessor core.Preferably, the modem processor 40 provides baseband processing ofdigital signal samples obtained from antenna-received radio signals,after down-conversion and digitization by the cellular transceiver 54,and similarly provides generation of baseband digital signal samples forgenerating radio signals transmitted by the cellular transceiver 54.Thus, the modem processor 40 may be referred to as a baseband processoror DSP.

In this context, one or more of the various controllers and otherelements that are functionally illustrated as being within the modemprocessor 40 may be implemented in whole or in part via the execution ofstored computer program instructions by the modem processor 40. As such,in at least one embodiment, one or more memory circuits or other storagedevices 80 are included in or are associated with the modem processor40. The memory circuit(s) 80 serve as a computer readable medium, andstore computer program instructions and supporting data (e.g.,configuration values, etc.) 82. Execution of the stored computer programinstructions functionally instantiates the illustrated controllers,e.g., the GAN manager 44 and network signaling controller 42, and thefirst IP stack 46.

Further in this regard, it will be understood that the GAN manager 44,which may be implemented in hardware and/or software, controls orotherwise provides GAN processing functionality for the device 10. As isdetailed herein, consolidating GAN processing control into the GANmanager 44 within the modem processor 40 simplifies the overall designof the device 10, and allows the same or substantially the same GANmanager 44 to be used with different application processorimplementations (e.g., different operating systems, etc.)

Likewise, the applications processor 60 comprises, in one or moreembodiments, a second microprocessor-based circuit. (“Second” here is aterm used relative to the first microprocessor-based circuitimplementing the modem processor 40, and there may be more than twomicroprocessor-based circuits in the device 10.) By way of non-limitingexample, the applications processor 60 comprises, e.g., a CentralProcessing Unit (CPU), which may be a microprocessor, microcontroller,digital signal processor (DSP), an Application Specific IntegratedCircuit (ASIC) or Field Programmable Gate Array (FPGA), any of which mayinclude a microprocessor core. However, those skilled in the art willappreciate that the modem processor 40 and the applications processor 60can be implemented on a common die (e.g., within the same integratedcircuit), implemented within the same multi-chip module on the same ordifferent die, or can be implemented as physically separate devices.

In any case, the applications processor 60 preferably is configured tohost one or more call control applications 84, and one or more userapplications 86 (shown in FIG. 2 and in FIG. 3). By way of non-limitingexample, the applications processor 60 is configured to host an “addressbook” or other phone-based contacts manager that allows a user of thedevice 10 to place VoIP calls, using either direct cellular access viathe cellular transceiver 54, or indirect GAN-based cellular accessaccording to the above-described modem/application processorcooperation. Also, as described for the non-GAN user data trafficillustrated in FIG. 3, the one or more user applications comprise, forexample, an email application and a web browser client, which areconfigured to communicate with Internet-based servers using protocolssuch as HTTP and SMTP. These “pure” Internet communications do not, as ageneral proposition, need GAN-based cellular connectivity.

The functionality encompassed by the applications processor 60 is, inone or more embodiments, implemented in part or in whole based on theapplications processor 60 executing stored computer programinstructions. As such, one or more memory circuits or other storagedevices 88 operate as a computer readable medium, for storing computerprogram instructions and associated supporting data 90. It will beunderstood that these stored computer program instructions may beorganized as a collection of programs and/or program functions.

In at least one such embodiment, the applications processor 60 isconfigured to execute (additional) stored program instructions defininga desired operating system (OS), for implementing the second IP stackand hosting one or more user applications, as desired. As non-limitingexamples, the applications processor 60 implements a Linux operatingsystem, a SYMBIAN operating system, or a WINDOWS MOBILE operatingsystem. In such embodiments, the second IP stack 62 advantageously maycomprise the pre-packaged IP stack provided as part of the OS, butparticularly configured for the NAT routing described herein.

Further, the GAN manager 44 of the modem processor 40 is, in at leastone such embodiment, configured to establish IP and IPsec connectionstoward the supporting cellular communication network 14 (see FIG. 1), asneeded. The GAN manager 44 is further configured to export anApplication Program Interface (API) towards the call controlapplication(s) 84 as hosted by the OS implemented by the applicationsprocessor 60. The API allows the call control application(s) 84 toinitiate or otherwise carry out GAN-based calls, while still allowingthe GAN functionality to be contained within the modem processor 40.

Of course, those skilled in the art will appreciate that the modem andapplications processors 40 and 60 can be implemented in a variety ofways, including at least partially implementing them in signalprocessing hardware, e.g., as programmed logic gates in an FPGA or otherprogrammable logic circuit. However implemented, the mode processor 40and the applications processor 60 are configured to implement a methodof supporting GAN functionality in the device 10.

FIG. 4 illustrates one embodiment of the method, wherein processingincludes operating a privately routable, first IP stack 46 with IPsecurity (IPsec) processing in association with a GAN manager 44 (Block110). The first IP 46 stack is configured for encrypting outgoing GANtraffic and decrypting incoming GAN traffic, e.g., using an IPsec layer68.

The method further includes operating a publicly routable, second IPstack 62 as a Network Address Translation (NAT) router 64 for the firstIP stack 46 (Block 112). So configured, the second IP stack 62 routesoutgoing encrypted GAN traffic from the first IP stack 46 to a publicnetwork interface 72. The second IP stack 62 further routes incomingencrypted GAN traffic from the public network interface 72 to the firstIP stack 46, where the first and second IP stacks 46 and 62 are bridgedvia a local IP link 66.

As shown in either of FIG. 2 or 3, at least one embodiment of the methodincludes implementing the GAN manager 44 and the first IP stack 62 inthe modem processor 40 of the device 10, where the modem processor 40 isconfigured to provide cellular network signaling. “Implementing” in thissense may be regarded as a matter of design implementation, but also maybe regarded as an active step, wherein execution of stored computerprogram instructions by the modem processor implements the GAN manager44, etc. Similarly, the method further includes implementing the secondIP stack 62 via the applications processor 60 of the device 10, which isalso configured to host one or more call control and user applications84 and 86.

According to at least one method embodiment, outgoing encrypted GANtraffic is generated in the first IP stack based on receiving encodedaudio data carried in an outgoing RTP packet stream provided by RTPcontroller 50, which is implemented in the modem processor 40. Themethod further includes generating an incoming RTP packet streamcarrying encoded audio data, for the RTP controller 50, based ondecrypting the incoming encrypted GAN traffic. Again, the IPsec layer 68in the first IP stack 46 is configured to provide GAN-relatedencryption/decryption processing, and the IKE controller 52 isconfigured to provide authentication key processing in support ofobtaining GAN-based connectivity with the supporting cellularcommunication network 14 (as shown in FIG. 1).

With the above example details in mind, those skilled in the art willappreciate the advantageous reduction in complexity and the advantageousgains in GAN-related security provided by the present invention. Inparticular, these gains are realized in comparison to “conventional” GANimplementation in so-called smart phones and other wireless terminals.In such conventional devices, IP-based communications, including GANfunctions, are supported on a single IP stack. That IP stack and thelogic controlling IP connections execute on an application CPU, whilethe required cellular network signaling functions execute on a modemCPU, and extensive, complex proxy-based interfaces are required betweenthe two CPUs to implement GAN functionality.

Further, such conventional deployments intimately tie GAN functionalityto the application CPU hardware and associated OS, meaning thatGAN-related code needs to be ported or re-written for differentapplication CPU implementations. Still further, such conventionaldeployments force GAN traffic to pass unprotected between theapplication CPU and the modem CPU, leaving such traffic, includingsensitive access control signaling, vulnerable to tampering orinterception.

In contrast, the apparatus and method taught by the present inventionsegregate the GAN-related functionality to the modem processor 40, whichin one or more embodiments provides a secure, dedicated processingenvironment that advantageously localizes GAN encryption/decryption andcontrol with cellular network signaling. A local IP link bridges theGAN-associated IP stack with an IP stack in the applications processorthat is configured to provide NAT routing of GAN-related trafficincoming to and outgoing from the device 10.

That is, the application processor's IP stack provides a publiclyroutable IP address, but does not perform GAN encryption/decryption, andinstead routes encrypted GAN traffic to/from the privately routable IPaddress of the modem processor's IP stack. The application processor'sIP stack therefore must be able to do NAT routing and a DNS proxyservice, but it does not expose unencrypted GAN data on the interfacebetween the modem and application processors 40 and 60.

Instead, the GAN traffic from the device 10 to the external IP network70 is encrypted by the IPsec layer 68 in the modem processor's IP stack46 and sent to the local interface 74 of the application processor's IPstack 62. Such traffic is sent over the local IP link 66 between the twostacks 46 and 62. Correspondingly, the application processor's IP stack62 acts as a NAT router for the GAN traffic arriving on the localnetwork interface 74, and forwards it to the public network interface72. Conversely, GAN traffic arriving from the network 70 on the publicinterface 72 is forwarded to the local network interface 74, for furthertransport to the modem processor's IP stack 46, which decrypts thepackets for further processing by higher layers.

As such, all needed GAN-specific “building blocks” used to implement thedevice 10 can be shared as a matter of design between any number ofdevices that use the same or similar modem processors 40, essentiallyirrespective of the application processor details (including OS choice).Such commonality speeds the deployment of new and revised device models,and can simplify cellular testing and type approvals.

Of course, those skilled in the art will recognize additional featuresand advantages, and will recognize that the foregoing discussion andaccompanying illustrations as non-limiting. Indeed, the presentinvention is limited only by the following claims and their legalequivalents.

1. A wireless communication device comprising: a modem processorimplementing a cellular network signaling controller, a Generic AccessNetwork (GAN) manager, and a privately routable, first Internet Protocol(IP) stack; and an applications processor implementing a publiclyroutable, second IP stack, said second IP stack implementing a routerfor routing GAN traffic to and from the first IP stack on a local IPlink bridging the first and second IP stacks; wherein the routerimplemented by the second IP stack is a Network Address Translation(NAT) router; and wherein an IP security (IPsec) layer in the first IPstack is configured to encrypt outgoing GAN traffic and the first IPstack is configured to send the outgoing encrypted GAN traffic to thesecond IP stack over the local IP link, for NAT routing onto an externalIP network by the second IP stack.
 2. The wireless communication deviceof claim 1, wherein the applications processor includes or is associatedwith a public network interface, and wherein the second IP stack isconfigured to provide NAT routing of the outgoing encrypted GAN trafficinto the public network interface for transport on an external IPnetwork.
 3. The wireless communication device of claim 2, wherein thesecond IP stack is configured to provide NAT routing of incomingencrypted GAN traffic, as received through the public network interface,into a local network interface establishing the local IP link with thefirst IP stack, for delivery to the first IP stack in the modemprocessor, and wherein the IP sec layer of the first IP stack isconfigured to decrypt the incoming encrypted GAN traffic forhigher-layer processing by a Real-time Transport Protocol (RTP)controller implemented within the modem processor.
 4. The wirelesscommunication device of claim 1, wherein the first IP stack generatesoutgoing GAN traffic from outgoing Real-time Transport Protocol (RTP)packets carrying outgoing Voice-over-IP (VoIP) data and generatesincoming RTP packets carrying incoming VoIP data from incoming GANtraffic, and wherein the modem processor includes an RTP controller forgenerating the outgoing RTP packets from outgoing coded audio data andgenerating incoming coded audio data from the incoming RTP packets. 5.The wireless communication device of claim 4, wherein the modemprocessor includes or is associated with an audio codec that isconfigured to generate the outgoing coded audio data by encoding a localinput audio signal, and is configured to generate a local output audiosignal by decoding the incoming coded audio data.
 6. The wirelesscommunication device of claim 1, wherein the modem processor includes oris associated with a first local network interface circuit that iscommunicatively coupled to the first IP stack, the applicationsprocessor includes or is associated with a second local networkinterface that is communicatively coupled to the second IP stack, andwherein the first and second local network interfaces are configured tosupport the local IP link between the first and second IP stacks, forrouting of GAN traffic between the first and second IP stacks.
 7. Thewireless communication device of claim 6, wherein the applicationsprocessor includes or is associated with a public network interface thatis communicatively coupled to the second IP stack, for communicativelycoupling the second IP stack to an external IP network, and wherein thesecond IP stack is configured to perform Network Address Translation(NAT) routing of incoming encrypted GAN traffic received through thepublic network interface to the second local network interface, fortransfer to the first IP stack via the local IP link, and to perform NATrouting of outgoing encrypted GAN traffic received through the secondlocal network interface, for transfer to the external IP network via thepublic network interface.
 8. The wireless communication device of claim6, wherein the applications processor further includes or iscommunicatively associated with an additional local network interfacecommunicatively coupled to the cellular network signaling controller ofthe modem processor, for carrying non-encrypted user data trafficflowing between the modem processor and the applications processor. 9.The wireless communication device of claim 1, wherein the modemprocessor comprises a first microprocessor-based circuit and theapplications processor comprises a second microprocessor-based circuit,and wherein the first IP stack is implemented at least in part based onexecution of stored computer program instructions held in a memorycircuit included in or accessible by the modem processor, and whereinthe second IP stack is implemented at least in part based on executionof stored computer program instructions held in a memory circuitincluded in or accessible by the applications processor.
 10. Thewireless communication device of claim 9, wherein the applicationsprocessor is configured to execute additional stored programinstructions defining a desired operating system, for implementing thesecond IP stack and hosting one or more user applications, as desired.11. The wireless communication device of claim 10, wherein the GANmanager of the modem processor is configured to establish IP and IPsecurity (IPsec) connections toward a supporting cellular communicationnetwork, as needed, and to export an Application Program Interface (API)towards a call control application hosted by the desired operatingsystem implemented by the applications processor.
 12. A method ofsupporting Generic Access Network (GAN) functionality in a wirelesscommunication device, said method comprising: operating a privatelyroutable, first IP stack in association with a GAN manager, whereinoperating the first IP stack includes encrypting outgoing GAN trafficand decrypting incoming encrypted GAN traffic via IP security (IPsec)processing in the first IP stack; and operating a publicly routable,second IP stack as a router for the first IP stack, to route outgoingGAN traffic from the first IP stack to a public network interface and toroute incoming GAN traffic from the public network interface to thefirst IP stack, said first and second IP stacks being bridged via alocal IP link; wherein operating the second IP stack as a router for thefirst IP stack includes: performing Network Address Translation (NAT)routing of incoming encrypted GAN traffic received through the publicnetwork interface, for transfer to the first IP stack via the local IPlink; and performing NAT routing of outgoing encrypted GAN trafficreceived from the first IP stack through the local IP link, for transferto the external IP network via the public network interface.
 13. Themethod of claim 12, further comprising implementing the GAN manager andthe first IP stack in a modem processor of the wireless communicationdevice that is configured to provide cellular network signaling, andimplementing the second IP stack via an applications processor of thewireless communication device that is configured to host one or morecall control and user applications.
 14. The method of claim 13, furthercomprising generating the outgoing GAN traffic in the first IP stackbased on receiving encoded audio data carried in an outgoing Real-timeTranslation Protocol (RTP) packet stream provided by an RTP controllerimplemented in the modem processor, and generating an incoming RTPpacket stream carrying encoded audio data, for the RTP controller, basedon processing the incoming GAN traffic.
 15. The method of claim 12,further comprising implementing the first IP stack in a modem processorcomprising a first microprocessor-based circuit and implementing thesecond IP stack in an applications processor comprising a secondmicroprocessor-based circuit, and wherein the first IP stack isimplemented at least in part based on execution of stored computerprogram instructions held in a memory circuit included in or accessibleby the modem processor, and wherein the second IP stack is implementedat least in part based on execution of stored computer programinstructions held in a memory circuit included in or accessible by theapplications processor.
 16. The method of claim 15, further comprisingimplementing a desired operating system for the wireless communicationdevice via the applications processor, for hosting one or more callcontrol and user applications, as desired.
 17. The method of claim 15,further comprising configuring a cellular network signaling controllerin the modem processor to establish IP and IP security (IPsec)connections toward a supporting cellular communication network, asneeded, and to export an Application Program Interface (API) towards acall control application hosted by the applications processor.